<?php
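    /*
     * CRM order edit page.
     *
     * Looks up the current user's row in crm_users and, depending on its ID,
     * either shows an edit form for the order named by ?order=... or, when the
     * form was submitted, writes the changes back to crm_orders:
     *   - ID 1:     may edit title, description, customer, performer, status
     *   - ID 2:     same, except the title is read-only
     *   - others:   may change the status only
     *
     * Security notes:
     *   - Every value placed inside an SQL string literal is passed through
     *     mysql_real_escape_string(), and every value echoed into HTML goes
     *     through htmlspecialchars(). ext/mysql has no parameter binding;
     *     prepared statements are the better fix once this page is moved off
     *     the mysql_* API.
     *   - NOTE(review): request data is unslashed before escaping because
     *     get_currentuserinfo() implies the page runs inside WordPress, which
     *     adds slashes to $_GET/$_POST - confirm, otherwise drop stripslashes().
     *   - NOTE(review): the POST carries no anti-forgery token, so a state
     *     change can be triggered cross-site; add and verify a nonce.
     *   - NOTE(review): access level is keyed on hard-coded user IDs and any
     *     account found in crm_users reaches the status-only branch for
     *     whatever order id is in the URL - confirm that is intended.
     */
    date_default_timezone_set('Europe/Kiev');

    global $current_user;
    get_currentuserinfo();

    // NOTE(review): assumes the page and the stored data are UTF-8 - confirm.
    $html_charset = 'UTF-8';

    // Timestamp format kept exactly as the existing rows use it.
    $date = date('H:i:s d:m:Y');

    // Order id from the query string; a missing or non-string value becomes ''.
    $raw_order = (isset($_GET['order']) && is_string($_GET['order'])) ? $_GET['order'] : '';
    $orderid = mysql_real_escape_string(stripslashes($raw_order));

    // The login comes from the user object, not the request, so it is only escaped.
    $login_sql = mysql_real_escape_string((string) $current_user->user_login);

    // Status <select>, identical for every access level, so it is built once.
    $status_labels = array("Новая", "Обрабатывается", "На выполнении", "Обработана", "Закрыта");
    $status_select = '<select name="status"><option value="">Статус: </option>';
    foreach ($status_labels as $i => $status_str)
    {
        $status_select .= "<option value='".$i."'>".$status_str."</option>";
    }
    $status_select .= '</select>';

    $security_result = mysql_query("SELECT ID FROM crm_users WHERE user_login='".$login_sql."'");
    while ($security_result && ($security_row = mysql_fetch_array($security_result)))
    {
        $user_id = (int) $security_row['ID'];
        $can_edit_title = ($user_id === 1);
        $can_edit_details = ($user_id === 1 || $user_id === 2);

        if (isset($_POST['submit']))
        {
            // Collect and escape the submitted fields; absent or array-valued
            // fields are treated as empty strings.
            $post = array();
            foreach (array('title', 'decr', 'cust_name', 'cust_mail', 'performer', 'status') as $field)
            {
                $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
                $post[$field] = mysql_real_escape_string(stripslashes($raw));
            }
            // NOTE(review): status is escaped but not restricted to the
            // values offered in the form (0-4 or empty) - consider an allowlist.

            $updated_by = "updated_by='".$login_sql."', updated='".mysql_real_escape_string($date)."'";

            if ($can_edit_details)
            {
                // The performer is submitted by display name; resolve it to
                // the matching user row(s) to store the mail address and id.
                $user_result = mysql_query("SELECT ID, user_email FROM crm_users WHERE display_name='".$post['performer']."'");
                while ($user_result && ($row = mysql_fetch_array($user_result)))
                {
                    // Values read back from the database are escaped as well,
                    // so stored data cannot alter the UPDATE statement.
                    $performer_mail = mysql_real_escape_string((string) $row['user_email']);
                    $performer_id = mysql_real_escape_string((string) $row['ID']);

                    $set = array();
                    if ($can_edit_title)
                    {
                        $set[] = "title='".$post['title']."'";
                    }
                    $set[] = "descr='".$post['decr']."'";
                    $set[] = "customer='".$post['cust_name']."'";
                    $set[] = "customer_mail='".$post['cust_mail']."'";
                    $set[] = "performer='".$post['performer']."'";
                    $set[] = "performer_mail='".$performer_mail."'";
                    $set[] = "performer_id='".$performer_id."'";
                    $set[] = $updated_by;
                    $set[] = "status='".$post['status']."'";

                    $query = "UPDATE crm_orders SET ".implode(', ', $set)." WHERE id='".$orderid."'";
                    if (mysql_query($query))
                    {
                        echo "Запись успешно обновлена.\n";
                    }
                    else
                    {
                        // Keep the database error out of the page; log it server-side.
                        error_log('crm_orders update failed: '.mysql_error());
                    }
                }
            }
            else
            {
                $query = "UPDATE crm_orders SET ".$updated_by.", status='".$post['status']."' WHERE id='".$orderid."'";
                if (mysql_query($query))
                {
                    echo "Запись успешно обновлена.\n";
                }
                else
                {
                    error_log('crm_orders update failed: '.mysql_error());
                }
            }
            echo '<br/><input type="button" onclick="history.back();" value="Назад"/><br/>';
        }
        else
        {
            $formresult = mysql_query("SELECT title, descr, customer, customer_mail, performer, status FROM crm_orders WHERE id='".$orderid."'");
            while ($formresult && ($formrow = mysql_fetch_array($formresult)))
            {
                // Stored order fields are untrusted for HTML purposes: encode
                // them before they reach element content or attribute values.
                $title_html = htmlspecialchars((string) $formrow['title'], ENT_QUOTES, $html_charset);
                $descr_html = htmlspecialchars((string) $formrow['descr'], ENT_QUOTES, $html_charset);
                $customer_html = htmlspecialchars((string) $formrow['customer'], ENT_QUOTES, $html_charset);
                $customer_mail_html = htmlspecialchars((string) $formrow['customer_mail'], ENT_QUOTES, $html_charset);
                $performer_html = htmlspecialchars((string) $formrow['performer'], ENT_QUOTES, $html_charset);

                if ($can_edit_details)
                {
                    if (!$can_edit_title)
                    {
                        echo '<h2>'.$title_html.'</h2>';
                    }
                    echo '<form method="post" name="form" action="">';
                    if ($can_edit_title)
                    {
                        echo '<label>Введите тему: </label>';
                        echo '<input name="title" style="width: 100%" type="text" value="'.$title_html.'">';
                        echo '<br>';
                    }
                    echo '<label>Введите текст и описание задачи: </label>';
                    echo '<input name="decr" style="width: 100%" type="text" value="'.$descr_html.'">';
                    echo '<br>';
                    echo '<label>Введите ФИО заказчика: </label>';
                    echo '<input name="cust_name" style="width: 100%" type="text" value="'.$customer_html.'">';
                    echo '<br>';
                    echo '<label>Введите E-Mail заказчика: </label>';
                    echo '<input name="cust_mail" style="width: 100%" type="text" value="'.$customer_mail_html.'">';
                    echo '<br>';
                    echo '<label>Выберите исполнителя:</label>';

                    // The ID-2 form previously read $formrow['display_name'],
                    // a column the query does not select; the order's current
                    // performer is used instead so leaving the list untouched
                    // keeps the assignment. The ID-1 form keeps its empty value.
                    $placeholder_value = $can_edit_title ? '' : $performer_html;
                    echo '<select name="performer">';
                    echo '<option value="'.$placeholder_value.'">Выберите исполнителя: </option>';

                    $users_result = mysql_query("SELECT id, display_name FROM crm_users ORDER BY id");
                    if (!$users_result)
                    {
                        // Do not echo mysql_error() to the browser: it can
                        // disclose schema and query details.
                        error_log('crm_users query failed: '.mysql_error());
                        die('<b>Query failed.</b>');
                    }
                    while ($row = mysql_fetch_array($users_result))
                    {
                        $name_html = htmlspecialchars((string) $row['display_name'], ENT_QUOTES, $html_charset);
                        echo "<option value='".$name_html."'>".$name_html."</option>";
                    }
                    echo '</select>';
                    echo '<br>';
                    echo '<label>Статус:</label>';
                    echo $status_select;
                }
                else
                {
                    // Read-only view of the order with a status-only form.
                    echo '<h2>'.$title_html.'</h2><br/>';
                    echo $descr_html.'<br/>';
                    echo "Заказчик:<br/>";
                    echo $customer_html.'<br/>';
                    echo $customer_mail_html.'<br/>';
                    echo "Назначена:<br/>";
                    echo $performer_html.'<br/>';
                    echo '<label>Статус:</label>';
                    echo '<form method="post">';
                    echo $status_select;
                }
                echo '<br>';
                echo '<input name="submit" type="submit" value="Обновить задачу">';
                echo '</form>';
                echo '<input type="button" onclick="history.back();" value="Назад"/>';
            }
        }
    }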
?>